Legislation Needed to Bolster Cybersecurity Executive Order

Media Contacts: Mike Rosen, Charlotte Sellmyer (202) 226-8417

WASHINGTON, D.C. – House Homeland Security Chairman Michael McCaul (R-Texas) released the following statement regarding the President’s Cybersecurity Executive Order, announced at tonight’s State of the Union Address, as well as Congress’ renewed efforts to pass essential legislation to establish a whole-of-government framework for cybersecurity.

This month, the House Homeland Security Committee will hold a hearing on the Executive Order to examine its implications for the public and private sectors.

Chairman McCaul: “I am pleased that the President’s Executive Order establishes the Department of Homeland Security as having a lead role in cybersecurity—to rapidly disseminate both unclassified and classified cyber threat reports, to strengthen public-private partnerships and to coordinate national protection of our critical infrastructure. However, I am concerned that the order could open the door to increased regulations that would stifle innovation, burden businesses, and fail to keep pace with evolving cyber threats. Our first priority must be ‘do no harm’.

“The executive branch also lacks constitutional authority possessed by Congress to provide the necessary liability protections that industry needs to freely share threat information with the federal government in a joint effort. Without protections and incentives to adopt industry-led best practices, such programs will be ineffective and carry consequences for entities that choose to participate.

“Legislation expected to be introduced by Rep. Mike Rogers and Rep. Dutch Ruppersberger helps to facilitate this partnership between the public and private sector and provides the necessary protections. I am confident that our ongoing dialogue with industry as well as our colleagues in the Senate will yield common ground and help pave the way to pass essential legislation to establish a whole-of-government strategy for cybersecurity that is critical to both our economic and national security.

“Additionally, I plan to introduce legislation to enhance coordination between the private sector and government in order to protect our critical infrastructure including communications networks, information technology, pipelines, dams, and transportation systems.

“A key component of a whole–of–government cybersecurity strategy involves DHS’s role, which is to coordinate the national protection, prevention, mitigation of and recovery from cyber incidents. The Department has been building its capability to protect us from cyber attacks, and it will be a priority of this Committee to help it continue to do so.”